Total
3979 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-6456 | 1 Gnu | 1 Recutils | 2024-11-21 | N/A |
| An issue was discovered in GNU Recutils 1.8. There is a NULL pointer dereference in the function rec_fex_size() in the file rec-fex.c of librec.a. | ||||
| CVE-2019-6445 | 1 Ntpsec | 1 Ntpsec | 2024-11-21 | N/A |
| An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem. | ||||
| CVE-2019-6137 | 1 Mz-automation | 1 Lib60870 | 2024-11-21 | N/A |
| An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in link_layer/link_layer.c has a NULL pointer dereference. | ||||
| CVE-2019-5914 | 1 Nttdocomo | 2 V20 Pro L-01j, V20 Pro L-01j Firmware | 2024-11-21 | N/A |
| V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted access point. | ||||
| CVE-2019-5719 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was addressed in epan/dissectors/packet-isakmp.c by properly handling the case of a missing decryption data block. | ||||
| CVE-2019-5717 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero. | ||||
| CVE-2019-5691 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a NULL pointer is dereferenced, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2019-5668 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | N/A |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2019-5667 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2024-11-21 | N/A |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to code execution, denial of service or escalation of privileges. | ||||
| CVE-2019-5256 | 1 Huawei | 34 Ap2000, Ap2000 Firmware, Espace U1981 and 31 more | 2024-11-21 | 5.5 Medium |
| Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have a null pointer dereference vulnerability. The system dereferences a pointer that it expects to be valid, but is NULL. A local attacker could exploit this vulnerability by sending crafted parameters. A successful exploit could cause a denial of service and the process reboot. | ||||
| CVE-2019-5235 | 1 Huawei | 100 Alp-al00b, Alp-al00b Firmware, Alp-tl00b and 97 more | 2024-11-21 | 5.3 Medium |
| Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal. | ||||
| CVE-2019-5055 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2024-11-21 | 7.5 High |
| An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon (hostapd) on the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) wireless router. A SOAP request sent in an invalid sequence to the <WFAWLANConfig:1#PutMessage> service can cause a null pointer dereference, resulting in the hostapd service crashing. An unauthenticated attacker can send a specially-crafted SOAP request to trigger this vulnerability. | ||||
| CVE-2019-5054 | 1 Netgear | 2 Wnr2000, Wnr2000 Firmware | 2024-11-21 | 7.5 High |
| An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 (WNR2000v5 with Firmware Version V1.0.0.70) HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP service crashing. An unauthenticated attacker can send a specially crafted HTTP request to trigger this vulnerability. | ||||
| CVE-2019-5010 | 4 Debian, Opensuse, Python and 1 more | 9 Debian Linux, Leap, Python and 6 more | 2024-11-21 | 7.5 High |
| An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. | ||||
| CVE-2019-5008 | 1 Qemu | 1 Qemu | 2024-11-21 | N/A |
| hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver. | ||||
| CVE-2019-5007 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is an Out-of-Bounds Read Information Disclosure and crash due to a NULL pointer dereference when reading TIFF data during TIFF parsing. | ||||
| CVE-2019-5006 | 2 Foxitsoftware, Microsoft | 3 Foxit Reader, Phantompdf, Windows | 2024-11-21 | N/A |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. It is a NULL pointer dereference during PDF parsing. | ||||
| CVE-2019-3995 | 2 Elog Project, Fedoraproject | 2 Elog, Fedora | 2024-11-21 | 7.5 High |
| ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request. | ||||
| CVE-2019-3840 | 2 Opensuse, Redhat | 3 Leap, Enterprise Linux, Libvirt | 2024-11-21 | N/A |
| A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service. | ||||
| CVE-2019-2962 | 6 Canonical, Debian, Netapp and 3 more | 21 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 18 more | 2024-11-21 | 3.7 Low |
| Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). | ||||